Light

d3ndr1t30x / shellcode_exec_methods Goto Github PK

View Code? Open in Web Editor NEW

0.0 1.0 0.0 1 KB

A list I made as a reminder to code different POCs for various methods of shellcode execution.

shellcode_exec_methods's Introduction

Shellcode Execution Methods

Commonly Used Methods

Direct Shellcode Execution
- Injecting and executing shellcode directly in a target process.
Process Hollowing
- Creating a new process in a suspended state, replacing its code with shellcode, and resuming it.
DLL Injection
- Injecting a DLL containing shellcode into a target process.
Remote Thread Injection
- Creating a remote thread in a target process that executes shellcode.
Reflective DLL Injection
- Loading and executing a DLL directly from memory.
Heap Spraying
- Allocating a large amount of memory in a process and filling it with shellcode to increase the chances of execution.
Code Cavities
- Finding and exploiting unused code sections in an existing binary to inject shellcode.
Stack Pivoting
- Redirecting the stack pointer to controlled data that includes shellcode.

Less Commonly Used Methods

Atom Bombing
- Using the Windows atom table to store shellcode and execute it.
Thread Hijacking
- Hijacking an existing thread to execute shellcode.
Callback Functions
- Using Windows callback functions (e.g., Windows Hook, APC) to execute shellcode.
VBA Macro Injection
- Embedding shellcode in a VBA macro in Office documents.
Hardware Breakpoints
- Setting a hardware breakpoint to trigger execution of shellcode.
Registry-based Persistence
- Storing shellcode in the Windows registry and executing it via a registry-based mechanism.
Userland API Hooking
- Hooking userland APIs and redirecting execution flow to shellcode.
COM Hijacking
- Hijacking Component Object Model (COM) objects to execute shellcode.
Windows Management Instrumentation (WMI)
- Using WMI scripts or events to execute shellcode.
Transacted Hollowing
- Using Windows transactions to hollow out and replace code in a transacted file.
PowerShell
- Using PowerShell scripts to download and execute shellcode.
Abusing Signed Binaries
- Using legitimate signed binaries (Living off the Land Binaries) to load and execute shellcode.

shellcode_exec_methods's People

Contributors

Watchers

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.